prisma-migration-assistant
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (SAFE): The skill defines templates for processing user-supplied migration names and database schemas. While this is an ingestion surface for untrusted data, the examples follow standard developer workflows.
  - Ingestion points: Migration names and Prisma schema files.
  - Boundary markers: None explicitly defined in the templates.
  - Capability inventory: Includes local command execution via npx and execSync for migration tasks.
  - Sanitization: The provided shell script template does not sanitize the migration name parameter.
- Dynamic Execution (SAFE): The skill includes code snippets using execSync for automated migration testing. This is standard practice in development environments and does not incorporate untrusted remote data.